Suspicious.MH690

This page contains data and removal guide to delete Suspicious.MH690 from an infected computer. Follow the instruction carefully to get rid of the Trojan instantly.

Suspicious.MH690 is a detection process for new malware threats without utilizing your antivirus program’s usual signatures. The method’s unique objective is to identify harmful software that attempts to conceal themselves from security programs by mutation technique. Encrypting Suspicious.MH690 is intentional with developers hoping to complicate threat analysis. Target computer’s antivirus application will be with the applied method.

Suspicious.MH690 attempts to elude firewall programs with Background Intelligent Transfer Service to download more threats from a remote location. When using BITS, dangerous files can transport from attackers computer towards target system without firewall assessment. Remote attacker can freely drop executable files necessary for remote unauthorized connection and manipulation of victim’s computer.

Damage Level: Medium

Threat Assessment By: Symantec

Systems Affected: Windows 9x, 2000, XP, Vista, Windows 7

If antivirus program senses an attack from a known group of malware, it immediately blocks its entry and displays an alert. It may show similar names for various threats as long as it is part of the identified family. Refer to the image below.

Suspicious.MH690 detection

How to Remove Suspicious.MH690

Systematic procedures to get rid of the threat are presented on this section. Make sure to scan the computer with suggested tools and scanners.

NOTE: We suggest that you PRINT or BOOKMARK this guide. There are steps that we may have to restart the computer in order to successfully remove the threat.

Step 1 : Run a scan with your antivirus program

1. First thing you should do is reboot the computer in Safe Mode with Networking to avoid Suspicious.MH690 from loading at start-up.

Remove all media such as Memory Card, cd, dvd, and USB devices. Then, restart the computer and please do the following:

Boot in Safe Mode on Windows XP, Windows Vista, and Windows 7 system
a) Before Windows begins to load, press F8 on your keyboard.
b) It will display the Advanced Boot Options menu. Select Safe Mode.

Start computer in Safe Mode using Windows 8 and Windows 10
a) Close any running programs on your computer.
b) Get ready to Start Windows. On your keyboard, Press and Hold Shift key and then, click on Restart button.
c) It will prompt you with options, please click on Troubleshoot icon.
d) Under Troubleshoot window, select Advanced Options.
e) On next window, click on Startup Settings icon.
f) Lastly, click on Restart button on subsequent window.
g) When Windows restarts, present startup options with numbers 1 - 9. Select "Enable Safe Mode with Networking" or number 5.

Startup Options

h) Windows will now boot on Safe Mode with Networking. Proceed with virus scan as the next step.

2. Once Windows is running under Safe Mode with Networking, open your antivirus program and download the most recent update. This method ensures that your antivirus program can detect even newer variants of Suspicious.MH690.

Updating your antivirus software is a one-click process. Please refer to your software manual for complete instructions.

3. Once updating is finished, run a full system scan. After the scan, delete all infected items. If unable to clean or delete, better place the threat in quarantine.

Step 2: Run another test with online virus scanner

Another way to remove Suspicious.MH690 without the need to install additional antivirus software is to perform a thorough scan with free online virus scanner. It can be found on websites of legitimate antivirus and security provider.

1. Click the button below to proceed to the list of suggested Online Virus Scanner. Choose your desired provider. You can run each scan individually, one at a time, to ensure that all threats will be removed from the computer. This may require plug-ins, add-on or Activex object, please install if you want to proceed with scan.

Online Virus Scan

2. After completing the necessary download, your system is now ready to scan and remove Suspicious.MH690 and other kinds of threats.
3. Select an option in which you can thoroughly scan the computer to make sure that it will find and delete entirely all infections not detected on previous scan.
4. Remove or delete all detected items.
5. When scanning is finished, you may now restart the computer in normal mode.

Alternative Removal Procedures for Suspicious.MH690

Option 1 : Use Windows System Restore to return Windows to previous state

During an infection, Suspicious.MH690 drops various files and registry entries. The threat intentionally hides system files by setting options in the registry. With these rigid changes, the best solution is to return Windows to previous working state is through System Restore.

To verify if System Restore is active on your computer, please follow the instructions below to access this feature.

Access System Restore on Windows XP, Windows Vista, and Windows 7

a) Go to Start Menu, then under 'Run' or 'Search Program and Files' field, type rstrui.
b) Then, press Enter on the keyboard to open System Restore Settings.

rstrui-win7

Open System Restore on Windows 8 and Windows 10

a) Hover your mouse cursor to the lower left corner of the screen and wait for the Start icon to appear.
b) Right-click on the icon and select Run from the list. This will open a Run dialog box.
c) Type rstrui on the 'Open' field and click on OK to initiate the command.

rstrui-win8

If previous restore point is saved, you may proceed with Windows System Restore. Click here to see the full procedure.

Avatar

About Marco Mathew

Marco Mathew works as Windows Network administrator before establishing precisesecurity.com. Now, Marco is dedicating full-time to help computer users' fight viruses, malware, trojan, worms, adware, and potentially unwanted programs.

10 Comments

  1. AvatarTech0utsider

    FP associated with Totalidea Software; specifically TweakVI with aggressive heuristics in NAV/NIS09.

  2. AvatarJoanna

    How do I remove MH690. I have Norton and when I run a scan it says it can’t find the file it is attached to. Thanks for your help!

  3. AvatarBob

    I got the same thing, but what does the file do? I mean I know its a hacker’s open door, but how in the first place do you open it, and How can you close it? I had 4 and somehow got rid of 1 but I don’t know what I did. Any help would be appreciated.

    Thanks.

  4. Avatardesqview

    Set Norton to quarantine and delete, make sure you get rid of system restore information, it’s mostly there also.

  5. AvatarLPortillo

    I got the same Suspicious.MH690, I called Symantec for help. they told me they will charge me $130 extra to remove it, (After paying $60 for the 360 Virus projection program) So what about if I get another “threat” next week and the next week? That could be a great way of income for Symantec?

    One thing for sure I am sick of Symantec and their pranks. I am getting a new Anti Virus suit.

  6. AvatarShinobi

    My Norton 360 says it cannot remove Packed.Generic.218 and customer service says it needs $100 to remove it. They are crazy. Also, Norton says its a high level threat yet all research I’ve done says its a low level threat. What is Norton trying to pull? Does anyone know how to remove this threat without paying? Help!

  7. AvatarPat Kittle

    I too was told by Norton it would remove MH690 if I forked over a 3-digit figure, and there would be no guarantee the problem would not return.

    I was furthere informed there are “very intelligent people” who create these viruses (presumably justifying Norton’s outrageous protection racket).

    When I told Norton they should warn people upfront about their scam, they merely repeated their terms, and added that the blocked threat could morph into something far more dangerous at any time.

    Whoever is responsible for this scam should share Bernie Madoff’s cell with him for the next 150 years. Seriously!

  8. AvatarTyler Deacon

    MH690 is suppose to affect logging into Windows. Basically you log in & it will log you right back out just as quick. The only way to get rid of it is to reinstall Windows. Safe Mode, Safe Mode with Networking, Last Known Good Configuration, etc. I believe it affects WinLogOn.

  9. AvatarJan

    Okay guys if SuspiciousMH690.A Infects your SVCHOST.exe i got 1 word to you your dead like me… go ahead and delete SVCHOST.exe from system32 but remmber some windows may make an big trouble so first put it in winrar from system32 and delete it put winrar in your documents done go to Task manager click Process Click process from all users and scroll down you will see SVCHOST end the process reboot pc and that all nice day =)

  10. AvatarKent Kirkland

    Let me tell you how I got rid of this problem once and for all. I used to folk over hundreds each year for a tech to remove viruses from my business computer. Haven’t had to have a computer technician remove any viruses for the past year. I bought a new computer last year, loaded up Ubuntu Linux for free, and use Open Office for all of my office applications. (You can save as a Work file, etc.) Works great, the clients see nothing different, and I have not had a virus on my LInux machine the whole time! Give it a try. You can download it for free, install it to run side by side with the Windows crap, and try it. I love it and will not return to Windows.

Leave a Comment

Your email address will not be published. Required fields are marked *